"To date, we are hearing very few reports of actual fraud, but are closely monitoring the situation. We want to reassure guests that they will not be held financially responsible for any credit card or debit card fraud," Target CEO Gregg Steinhafel said in a statement Friday. "And to provide guests with extra assurance, we will be offering free credit monitoring services."

"The type of data stolen — also known as 'track data' — allows crooks to create counterfeit cards by encoding the information onto any card with a magnetic stripe," Krebs on Security, a popular security industry blog, reported. "If the thieves also were able to intercept PIN data for debit transactions, they would theoretically be able to reproduce stolen debit cards and use them to withdraw cash from ATMs."

"This unauthorized access is a crime, and we are taking it very seriously. While we can't provide specifics because the investigation is ongoing, we are working closely with the United States Secret Service to bring those responsible to justice," Target said.

While the Target incident ranks high among all-time security breaches, the biggest retailer credit and debit card security breach was made public in 2007 when TJX Cos, which owns TJ Maxx and Marshalls, claimed hackers stole data from 45.7 million customer cards. Court documents later revealed that the suspects could have obtained more than 94 million account numbers.